This course covers material necessary to take the ISACA CISA (Certified Information Systems Auditor) exam, and explores auditor responsibilities such as identifying network and host weaknesses, reporting them to stakeholders, and suggesting recommendations to improve an organization's security. Learn to distinguish between white, black, and gray box testing, and then explore the benefits of periodic scans for identifying vulnerabilities. Learn how to use pen tests, and evaluate environmental and physical security controls. Next, learn how to use Nessus, a free remote security scanning tool. This course demonstrates how to forge TCP (transmission control protocol) network traffic by using the hping3 tool in Kali Linux. This course demonstrates the OWASP (open-source web application security scanner) ZAP (zed attack proxy) tool to identify web app vulnerabilities. You will learn how to secure traffic by using IPSec (internet security protocol), configure a cloud-based jump box, and about honey pots. Next, learn to secure assets with physical controls and the eavesdropping risk of drones. Finally, learners will be able to identify different types of fire suppression systems.
Learning Objectives
{"discover the subject areas covered in this course"}